Purpose of /* Try to get same port: if not, try to change it. */ ip_nat_ftp.c
Harald Welte
laforge@gnumonks.org
Mon, 30 Jul 2001 19:15:57 -0300
On Mon, Jul 30, 2001 at 05:28:13PM -0700, Hemant Jain wrote:
> Hi,
>
> I am trying to understand the following code segment in ftp_data_fixup in
> ip_nat_ftp.c
>
> /* Try to get same port: if not, try to change it. */
> for (port = ct_ftp_info->port; port != 0; port++) {
>         tuple.dst.u.tcp.port = htons(port);
>
>         if (ip_conntrack_expect_related(ct, &tuple, &mask, NULL) == 0)
>                 break;
> }
>
> How does this affect the ip_conntrack_expect_related which has already been
> called in ip_conntrack_ftp.c, maybe with a different (originally parsed from
> the stream) port?
It doesn't. ip_nat_ftp is about the nat mapping. We try to find a free port
on the to-be-nat'ed-to ip address.
> I tried forcibly replacing the port value and faced some problems. (as if the
> port was busy)
Yes. Every (port, l4prot, ip-addr) tuple can only be used once to preserve
a 1:1 mapping.
> Has this code-segment been tested?
It's running an estimated several thousand times every second on some of
the 20 million Linux installations over the world.
> Hemant
--
Live long and prosper
- Harald Welte / laforge@gnumonks.org http://www.gnumonks.org
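
Added example, not part of the original message and not kernel code: a userspace C model of the port search discussed in this thread, showing why a forced port can look "busy" and what happens when the 16-bit counter wraps. expect_register() is a hypothetical stand-in for ip_conntrack_expect_related(); the table, addresses and ports are constructed.

```c
#include <stdint.h>
#include <stdio.h>

/* Userspace model only: the kernel keeps expectations inside conntrack. */
#define MAX_EXPECT 16
struct expect_key { uint32_t ip; uint8_t l4proto; uint16_t port; };
static struct expect_key table[MAX_EXPECT];
static int table_len;

static void expect_reset(void) { table_len = 0; }

/* Hypothetical stand-in for ip_conntrack_expect_related(): returns 0 on
 * success, -1 if the (ip, l4proto, port) tuple is taken or the table is full. */
static int expect_register(uint32_t ip, uint8_t l4proto, uint16_t port)
{
    for (int i = 0; i < table_len; i++)
        if (table[i].ip == ip && table[i].l4proto == l4proto &&
            table[i].port == port)
            return -1;
    if (table_len == MAX_EXPECT)
        return -1;
    table[table_len++] = (struct expect_key){ ip, l4proto, port };
    return 0;
}

/* Same shape as the quoted loop: start at the port parsed from the FTP
 * stream, walk upward, stop when the 16-bit counter wraps around to 0.
 * Returns the port obtained, or 0 if no port from 'wanted' upward was free. */
static uint16_t pick_nat_port(uint32_t nat_ip, uint16_t wanted)
{
    uint16_t port;

    for (port = wanted; port != 0; port++)
        if (expect_register(nat_ip, 6 /* TCP */, port) == 0)
            break;
    return port;
}

int main(void)
{
    uint32_t nat_ip = 0xC0000201; /* 192.0.2.1, constructed sample address */

    expect_reset();
    printf("first:  %u\n", (unsigned)pick_nat_port(nat_ip, 20000));
    printf("second: %u\n", (unsigned)pick_nat_port(nat_ip, 20000));
    printf("top:    %u\n", (unsigned)pick_nat_port(nat_ip, 65535));
    printf("wrap:   %u\n", (unsigned)pick_nat_port(nat_ip, 65535));
    return 0;
}
```

A return value of 0 means the search ran off the top of the port range without finding a free tuple, so a caller has to treat 0 as failure rather than as a usable port.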